
DNS and server redundancy 1


Maccaday

Technical User
Dec 9, 2003
71
GB
Hi,

I'm trying to plan for a globally redundant server network.

I was wondering what happens if a webserver is not found on the internet. Is a request sent to find the DNS server with the definitive information on where the server is located (i.e. the resolving IP for a URL)? What happens if that DNS server can't be found, are the second, third... servers checked until the list of all DNS servers is complete, or is that only done when a cached DNS entry runs out?

If I had a backup server and DNS server located in a physically separated place, could I automatically redirect all requests to the backup server somehow, or would I have to wait until DNS caches had expired globally?

Any info on the topic would be gratefully received.
 
"I was wondering what happens if a webserver is not found on the internet."

Do you mean, if a DNS server resolves say to an IP address but that web server does not respond, does the DNS server try to resolve it to another IP? If so then the answer is no! DNS does not care if the service is available on the server or not. Its job is just to resolve IPs and hostnames.

"What happens if that DNS server can't be found, are the second, third... servers checked until the list of all DNS servers is complete"

If a DNS server cannot be found then a secondary server should be contacted. Most domains will list at least two DNS servers. For example,

dig tek-tips.com ns

tek-tips.com. 3289 IN NS ns.shutter.net.
tek-tips.com. 3289 IN NS ns2.shutter.net.

So in this case, if another DNS server tries to resolve from ns.shutter.net but this server does not respond, it should try ns2.shutter.net.

"If I had a backup server and DNS server located in a physically separated place, could I automatically redirect all requests to the backup server somehow, or would I have to wait until DNS caches had expired globally?"

Generally your two DNS servers would both be queried for your domain and then should hold the same zone info so it really doesn't matter which one is used. The only reason why you might have different data would be if one is a master and the other a slave and you change data on the master but the slave is not reloaded and so would not transfer the new zone until a reload had been done (unless a 'notify' was used to force the slave to check the serial on the master and force a zone transfer).

Chris.




**********************
Chris A.C, CCNA, CCSA
**********************
 
Cheers Chris,

Am I right in saying the following?:

That the IP address of a URL is cached in routers, so they don't need to check it every time they try to access a server?

That when the caches expire on the major routers on the backbone of the internet, they check for the definitive DNS server. As the caches expire on lesser routers, then they check their 'upline' routers, so the new IP addresses are filtered down until all routers either have the correct IP address, or ask a router that does.

i.e. that the definitive DNS server for a domain isn't requested for the IP address of a server every time it is requested by a client.

Thanks.
 
When you are referring to 'major routers on the backbone of the internet', I presume that you actually mean "DNS servers"?

In any case, no, it does not really work that way. IP changes are not really 'filtered down' from DNS servers to lesser DNS servers. If you have a DNS server yourself (or you use an ISP's DNS servers) and you then query say then the DNS server will check its cache first and if it has an answer then it will return that. If it doesn't have an answer then either it will go in search of the answer itself or if it has a forwarder then it will send the query to that server.

If it goes in search of the answer itself then it will first (in this case anyway) see if it knows what the .com DNS servers are and if so then it can ask them for an answer. They will either know the answer or know what servers are authoritative for tek-tips.com. So in this case they would say "go and check with ns.shutter.net or ns2.shutter.net." It will then go off and query those servers that should be able to resolve the If the DNS server doesn't know where to find the .com servers then it will go and check with the root servers which will then refer it to the .com servers who will refer it to the correct servers for the domain. This is a very simplified view of DNS but I'm sure that you get the idea.

Once the server has an answer, it will cache it for a period of time equal to the TTL for that record/zone. If anyone queries that server for then it will use the answer in its cache until the TTL expires and it has to start the resolution process all over again.

For example, if I ask my DNS server for I get the following answer:

;; ANSWER SECTION:
3600 IN CNAME tek-tips.com.
tek-tips.com. 3600 IN A 216.45.19.33

Note that the TTL is 3600. That is 3600 seconds or one hour. So my DNS server will now hold that answer for one hour. If tek-tips now change their IP address and update the zone file with the new information, my server will not have the right answer until the TTL has expired and it goes off and checks with ns.shutter.net or ns2.shutter.net to get the new information. If I query my server again I get:

;; ANSWER SECTION:
3376 IN CNAME tek-tips.com.
tek-tips.com. 3376 IN A 216.45.19.33

So now the TTL is down to 3376 seconds. It will continue to give this answer until the TTL reaches zero and is flushed from the cache.

That's a very basic overview but I hope that it answers your questions.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
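
The two behaviours described in Chris's replies above (falling back from ns.shutter.net to ns2.shutter.net when the first does not respond, and serving a cached answer until its TTL runs out) can be simulated offline. This Python example is added here and is not part of the original thread; the class names, the outage on the first server and the replacement address 192.0.2.10 are assumptions made for the example.

```python
# Added example: toy caching resolver. Server names, IP and TTL are from the
# thread; the replacement address 192.0.2.10 and the outage are constructed.

class Authoritative:
    """Stand-in for one authoritative name server holding a copy of the zone."""
    def __init__(self, name, zone, up=True):
        self.name, self.zone, self.up = name, zone, up

    def query(self, qname):
        if not self.up:
            raise TimeoutError(f"{self.name} did not respond")
        return self.zone[qname]  # (address, ttl)


class CachingResolver:
    def __init__(self, nameservers):
        self.nameservers = nameservers
        self.cache = {}  # qname -> (address, expiry time)
        self.asked = []  # log of authoritative servers contacted

    def resolve(self, qname, now):
        """Return (address, remaining_ttl) at simulated time `now` (seconds)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], hit[1] - now  # served from cache, TTL counting down
        for ns in self.nameservers:  # try each listed NS in turn
            self.asked.append(ns.name)
            try:
                address, ttl = ns.query(qname)
            except TimeoutError:
                continue
            self.cache[qname] = (address, now + ttl)
            return address, ttl
        raise LookupError(f"no name server answered for {qname}")


def demo():
    zone = {"tek-tips.com.": ("216.45.19.33", 3600)}  # shared by both servers
    ns1 = Authoritative("ns.shutter.net.", zone, up=False)  # constructed outage
    ns2 = Authoritative("ns2.shutter.net.", zone)
    r = CachingResolver([ns1, ns2])
    first = r.resolve("tek-tips.com.", now=0)       # ns1 times out, ns2 answers
    zone["tek-tips.com."] = ("192.0.2.10", 3600)    # zone updated at the source
    cached = r.resolve("tek-tips.com.", now=224)    # still the old address
    fresh = r.resolve("tek-tips.com.", now=3600)    # TTL expired, re-resolved
    return first, cached, fresh, r.asked
```

The second lookup never reaches a name server, which is why a change of address made for failover is not seen by a resolver until the record's TTL has expired there.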
 
Chris, the thoroughness of your answers is much appreciated.

I think I had in my mind what you described, but just didn't explain it very well - sorry.

When I said 'filtered down' I meant that information on one DNS server was requested from another DNS server, which I think is what you mean by a forwarder. By forwarder, do you mean that instead of asking the .com or .net DNS servers for addresses, that DNS servers ask other DNS servers in between (which possibly in turn asks another forwarder)?

Are forwarders common or uncommon on the Internet, i.e. broadly speaking is there a multi-levelled hierarchical structure of DNS servers, or do most DNS servers get their addresses from the top level DNS servers, with just a few having forwarders?

Cheers again for your answers. They're much appreciated.

Marcus.
 
Marcus,

Yes, a forwarder would be used to forward the query to. So in my case my server can either resolve the domain itself by following the referrals from the root servers to the .com servers to the correct name servers for the domain, or I can just forward all queries from my server to the ISP server and then let that find the answer and pass it back to my server.

Generally, forwarders seem to be popular but I really can't see why. If you have a DNS then let it do its job. Many DNS admins that I've dealt with seem to think that they have to forward queries to our DNS servers but I always recommend using the root hints file and doing proper resolution.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Chris, thanks for answering my questions. It's much appreciated.

Marcus.
 